JavaMelody up to and including 1.60.0 has XSS via the counter parameter in a clear_counter action to the /monitoring URI.
javamelody project javamelody